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DETAILED ACTION 



1. 



Claims 1-42 is pending. 



2. 



This is a non-final rejection. 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-26 and 38-42 are rejected under 35 U.S.C. 102(e) as being 
anticipate by Krishnaswamy, et at. (US 5,974,421). 

As per claim 1: 

Krishnaswanny discloses a storage system comprising: 

a first storage area having an object stored therein; and [see col.8, lines 26-45 
and col.9, lines 30-31] 

a second storage area having stored therein an object identifier that identifies the 
object, wherein the object identifier is unique within and outside of the storage system, 
[see FIG.4 and col.,6 lines 5-8; Krishnaswamy discloses that each object has an 
associated global unique identifier (GUID) which is a unique identifier differentiating one 
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object from all other objects. Krishnswamy reads on the one object Is unique within the 
storage system that contains all the objects. Further, it is taught the GUID is unique on 
all other computers on the network which reads on the object is unique outside of the 
storage system and amongst other computers.] 

As per claim 2: see col.6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 

As per claim 3: see col., lines ; discussing the first and second storage areas are 
storage areas within a database. 

As per claim 4: see col.6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 

As per claim 5: see col.5, lines 60-65; discussing the storage system is part of an 
access control system. 
As per claim 6: 

Krishnaswamy discloses a memory comprising: 

a first storage area having an object stored therein; and [see col.8, lines 26-45 
and col.9, lines 30-31] 

a second storage area having stored therein an object identifier that identifies the 
object, wherein the object identifier is unique within and outside of the storage system, 
[see FIG.4 and col.,6 lines 5-8; Krishnaswamy discloses that each object has an 
associated global unique identifier (GUID) which is a unique identifier differentiating one 
object from all other objects. Krishnswamy reads on the one object is unique within the 
storage system that contains all the objects. Further, it is taught the GUID is unique on 
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all other computers on the network which reads on the object Is unique outside of the 
storage system and amongst other computers.] 

As per claim 7: see col,6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 

As per claim 8: see FIGURE 4 ; discussing first and second storage areas are 
storage areas within a database. 

As per claim 9: see col.6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 
As per claim 10: 

Krishnaswamy discloses a method of storing information in a storage system, 
comprising: 

storing an object in the storage system; and [see col.8, lines 26-45 and col.9, 
lines 30-31] 

storing an object identifier in the storage system, wherein the object identifier 
identifies the object, and the object identifier is unique within and outside of the storage 
system, [see FIG.4 and col.,6 lines 5-8; Krishnaswamy discloses that each object has an 
associated global unique Identifier (GUID) which is a unique identifier differentiating one 
object from all other objects. Krishnswamy reads on the one object is unique within the 
storage system that contains all the objects. Further, it is taught the GUID is unique on 
all other computers on the network which reads on the object is unique outside of the 
storage system and amongst other computers.] 

As per claim 11: see col.6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 



Application/ Control Number: 09/465,514 Page 5 

Art Unit: 2135 

As per claim 12: see FIGURE 4; discussing the object identifier is stored in a 
database. 

As per claim 13: see FIGURE 4; discussing the object identifier is stored in a 
database. 

As per claim 14: see col.6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 

As per claim 15: see col.6, lines 6-8; discussing the object identifier is a Universal 
Unique Identifier (UUID). 

As per claim 16: see col. 5, lines 60-65; discussing discloses the storage system is 
part of an access control system. 
As per claim 17: 

Krishnaswamy discloses an access control method comprising: 
requesting access for a user to a remote resource, wherein the request includes 
a subject identifier for use in making an access control decision [see coL9, lines 11-38], 
and wherein the subject identifier is unique within and outside of the remote resource 
and identifies the user, [see FIG.4 and coL,6 lines 5-8; Krishnaswamy discloses that 
each object has an associated global unique identifier (GUID) which is a unique Identifier 
differentiating one object from all other objects. Krishnswamy reads on the one object is 
unique within the storage system that contains all the objects. Further, it is taught the 
GUID is unique on all other computers on the network which reads on the object is 
unique outside of the storage system and amongst other computers.] 
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As per claim 18: see col.6, lines 6-8; discussing the subject identifier is a Universal 
Unique Identifier (UUID). 

As per claim 19: see col. 9, line 11-38; discussing request further includes a subject 
descriptor for use in the access control decision. 

As per claim 20: see col.6, lines 6-8 and col. 9, line 11-38; discussing the subject 

descriptor is a UUID for an organizational structure that includes the user. 

As per claim 21: see col.7, lines 34-35 and col. 8, lines 15-27; discussing the access 

control decision is made by a resource manager that protects the remote resource, and 

the request is sent over a communications path considered safe by the protecting 

resource manager and the user. 

As per claim 22: 

Krishnaswamy discloses a computer-readable medium having computer- 
executable code stored thereon comprising: 

requesting access for a user to a remote resource, wherein the request includes 
a subject identifier for use in making an access control decision [see and coL9, lines 11- 
38], and wherein the subject identifier is unique within and outside of the remote 
resource and identifies the user, [see FIG.4and col.,6 lines 5-8; Krishnaswamy discloses 
that each object has an associated global unique identifier (GUID) which is a unique 
identifier differentiating one object from all other objects. Krishnswamy reads on the one 
object Is unique within the storage system that contains all the objects. Further, it is 
taught the GUID is unique on all other computers on the network which reads on the 
object is unique outside of the storage system and amongst other computers.] 
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As per claim 23: see col. 6, lines 6-8; discussing the subject identifier is a Universal 
Unique Identifier (UUID). 
As per claim 24: 

Krishnaswamy discloses a method of identifying a user requesting access to an object, 
comprising: 

establishing a secure communication path between a reference monitor 
protecting the object and a resource manager having information describing the user, in 
response to a request by the user to access the object; [see coL8, lines 26-45 and col.9, 
lines 11-38] 

sending a request for user information from the protecting reference monitor to 
the resource manager, the request including a subject descriptor for the user, wherein 
the subject identifier is a Universal Unique Identifier UUUID). [see FIG.4 and col.,6 lines 
5-8; Krishnaswamy discloses that each object has an associated global unique identifier 
(GUID) which is a unique identifier differentiating one object from all other objects. 
Krishnswamy reads on the one object is unique within the storage system that contains 
all the objects. Further, it is taught the GUID is unique on alt other computers on the 
network which reads on the object Is unique outside of the storage system and amongst 
other computers.] 

As per claim 25: see col. 12, lines 40-47; discussing determining, based on the 
received user information, if the user has permission to access the request object, [see 
col.10 lines 48-67] 
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As per claim 26: see col. 9, lines 15-19; discussing the user information includes 
information relating to an organization of which the user is member. 
As per claim 38: see col. 8 lines 5-36; discussing wherein object is a database record 
describing a user. 

As per claim 39: see col. 8 lines 5-36; discussing wherein object is a database 
record describing a user. 

As per claim 40: see col. 8 lines 5-36; discussing wherein object is a database 
record describing a user. 

As per claim 41: see col.7, lines 5-36 and col.8 lines 15-31; discussing the subject 
identifier identifies a database record describing the user, and the database record is 
stored on local resource physically separate from the remote resource. 
As per claim 42: see col.7, lines 5-36 and col.8 lines 15-31 ; discussing the subject 
identifier identifies a database record describing the user, and the database record is 
stored on local resource physically separate from the remote resource. 



3. Claims 34-37 are rejected under 35 U.S.C. 102(e) as being anticipate by 
Garg, et al. (US 6,625,603). 

As per claim 34: 

Garg discloses a method of accessing a protected object, comprising: 
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sending a globally unique identifier for a user to a name resolving device, and 
receiving therefrom information about the user; and [see col.8, lines 5-22; Garg discloses 
having different types of objects that comprises various properties such as object type 
identifier and a reference to security descriptor. The invention discloses the identifiers 
are Globally Unique Identifiers (GUIDs). Further, Garg discusses the claimed information 
about the user where USERID of the owner of the file and "user" object defined in the 
directory service can include user's name, email address, password, etc.] 

sending to a storage management system containing an object a request for 
access to the object [see col.2, lines 38-45; the request instructions is for service 
pertaining to access rights associated to objects where the request includes information 
about the user as discussed above. Access rights define who is allowed to perform 
particular operations on an object and are typically granted or denied based on the 
USERID or GROUPID], the request including the information about the user, [see col.7 
lines 26-39 and col.14, lines 1-15] 

As per claim 35: see Garg on col.6, lines 6-8; discussing the subject identifier is a 
Universal Unique Identifier (UUID). 
As per claim 36: 

Garg discloses a computer-readable medium of computer-executable code for 
accessing a protected object, comprising: 

a first set of computer instructions for sending a globally unique identifier for a 
user to a name resolving device, and receiving therefrom information about the user; 
and [see col.8, lines 5-22; Garg discloses having different types of objects that 
comprises various properties such as object type identifier and a reference to security 
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descriptor. The invention discloses the identifiers are Globally Unique Identifiers 
(GUIDs). Further, Garg discusses the claimed information about the user where USERID 
of the owner of the file and "user" object defined in the directory service can include 
user's name, email address, password, etc.] 

a second set of computer instructions for sending to a storage management 
system [see col.6, lines 60-«7] containing an object a request [see col.2, lines 38-45; the 
request instructions is for service pertaining to access rights associated to objects 
where the request includes information about the user as discussed above. Access 
rights define who is allowed to perform particular operations on an object and are 
typically granted or denied based on the USERID or GROUPID] for access to the object, 
the request including the information about the user, [see col.7 lines 26-39 and col.14, 
lines 1-15] 

As per claim 37: see Garg on col.6, lines 6-8; discussing the subject identifier is a 
Universal Unique Identifier (UUID). 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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4. Claims 27-33 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Krishnaswamy, et al. (US 5,974,421), and further in view of Garg, et al. (US 
6,625,603). 

As per claim 27: 

Krishnaswamy discloses an information storage managennent system, 
comprising a collection of stored objects [see col.6, lines 28-31 and coL8, lines 24-30], 

a resource manager connected to the access control unit and to a 
communication channel [see col.7, lines 35-36 and coL8, lines 15-27], and wherein the 
resource manager receives a user's request for access to the [protected] object, the 
request including a globally unique identifier for the user requesting the access [see 
col.6, lines 5-12], and in response to the user's request the resource manager sends 
over the communications channel to an external storage management system a request 
for information about the user the request including the globally unique identifier [see 
col.9, lines 5-37]. 

However, Krishnaswamy did not include an access control unit for determining if 
a requestor is authorized to access a protected object stored in the collection, wherein 
the resource manager upon receiving a response including user information about the 
user passes the user information to the access control unit; and based on the user 
information the access control unit determines whether to grant the subject access to 
the protected obiect . 
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Garg discloses having different types of objects that comprises various properties 
such as object type identifier and a reference to security descriptor [see coL8, lines 5- 
22]. The invention also discloses the identifiers are Globally Unique Identifiers (GUIDs) 
to distinguish it from other objects [see col.6, lines 65-67 and col.13, lines 18-21]. 
Access rights define who is allowed to perform particular operations on an object and 
are typically granted or denied based on the USERID or GROUPID for access to the 
object [see col.2, lines 38-45]. Garg discloses the claimed to access a protected 
object applies to the security descriptor that provides details of the security and access 
control applicable to the object [see coL8, lines 23-25]. Garg teaches one of the data 
structures defined in the invention includes fields defining whether access is being 
granted or denied and the type of access to grant or deny. In addition, the data 
structure also defines the user or group to whom the permission is granted or denied 
and the data structure includes identifier used to indicate the object type to which the 
permissions apply [see coL3, lines 39-45]. Garg teaches an access control module 
that provides centralized standard mechanism to evaluate whether or not various 
requests for operations affecting objects should be granted or denied [see col.7, lines 
26-30]. Further, Garg discloses containing a request for service pertaining to access 
rights associated to objects where the request includes information about the user as 
discussed above. The information about a user is the object of Garg, defined by the file 
system service can include properties such as a USERID of the owner of the file, the file 
creation time, access time, etc. and that a "user" object can include user's name, E-mail 
address, and password, etc [see col.8, lines 5-22], 
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Therefore it would have been obvious for a person of ordinary skills in the art at 
the time of the invention to combine Krishnaswamy with Garg to teach an access 
control unit for determining if a requestor is authorized to access a protected object 
stored in the collection, receiving a response including user information about the user 
passes the user information to the access control unit, and based on the user 
information the access control unit determines whether to grant the subject access to 
the protected object because the GUID along with other user information are data 
structures that includes fields defining whether access is being granted or denied [see 
coL2, lines 38-45] and the security descriptor that provides details of the security and 
access control applicable to the object [see col.8, lines 23-25] 

As per claim 28: see coL6, lines 6-8; discussing the subject identifier is a Universal 
Unique Identifier (UUID). 

As per claim 29: see col. 9, lines 15-19; discussing the user information is organization 
information indicating whether the user is a member of an organization. 
As per claim 30: 

Krishnaswamy discloses an information storage management system, 
comprising: 

a collection of stored objects; [see col.6, lines 28-31 and col.8, lines 24-30] 

an access control unit for determining if a requestor is authorized to access a 

protected object stored in the collection; [see col.8, lines 50-57] 

a resource manager connected to the access control unit and to a 

communication channel; [see col.7, lines 35-36 and col.8, lines 15-27] 
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wherein the resource manager [receives a user's request for access to the 
protected] object, the request including a globally unique identifier for the user 
requesting the access, and in response to the [user's] request the resource manager 
resolves the globally unique identifier to a user identifier recognized by an external 
storage management system; [see coL6, lines 5-12] 

the resource manager sending to the external storage management system a 
request for information about the user[see col.9, lines 5-37] 

wherein the resource manager upon receiving a response including user 
information about the user passes the user information to the access control unit; and 
[see col.9, lines 41-55] 

[based on the user information the access control unit determines whether 
to grant the subject access to the protected object] 

However, Krishanaswamy did not include receives a user's request for access to 
the protected object and a request for information about the user that is a user identifier. 

Garg discloses a storage system comprising a first storage area having an object 
stored therein and [see coL6, lines 60-61] a second storage area having stored therein 
an object identifier (GUID) that identifies the object, wherein the GUID is unique within 
the storage system [see col.6, lines 65-67 and col.8, lines 10-15]. Garg discloses having 
different types of objects that comprises various properties such as object type identifier 
and a reference to security descriptor [see coL8, lines 5-22]. The invention also 
discloses the identifiers are Globally Unique Identifiers (GUIDs) to distinguish it from 
other objects [see coLS, lines 65-67 and coL13, lines 18-21]. Access rights define 
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who is allowed to perform particular operations on an object and are typically granted or 
denied based on the USERID or GROUPID for access to the object [see coL2, lines 
38-45], Garg discloses the claimed to access a protected object applies to the security 
descriptor that provides details of the security and access control applicable to the 
object [see col.8, lines 23-25]. Garg teaches one of the data structures defined in the 
invention includes fields defining whether access is being granted or denied and the 
type of access to grant or deny. In addition, the data structure also defines the user or 
group to whom the permission is granted or denied and the data structure includes 
identifier used to indicate the object type to which the permissions apply [see col.3, 
lines 39-45]. Garg teaches an access control module that provides centralized 
standard mechanism to evaluate whether or not various requests for operations 
affecting objects should be granted or denied [see colJ, lines 26-30]. Further, Garg 
discloses containing a request for service pertaining to access rights associated to 
objects where the request includes information about the user as discussed above. The 
information about a user is the object of Garg, defined by the file system service can 
include properties such as a USERID of the owner of the file, the file creation time, 
access time, etc. and that a "user"' object can include user's name, E-mail address, and 
password, etc [see col.8, lines 5-22]. 

Therefore it would have been obvious for a person of ordinary skills in the 
art at the time of the invention to combine Krishnaswamy with Garg to teach receives a 
user's request for access to the protected object and a request for information about the 
user that is a user identifier because the GUID and the USERID are information that 
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user's request for access to the protected object and a request for information about the 
user that is a user identifier because the GUID and the USERID are information that 
identifies the user owning the file and are also the data structures that includes fields 
defining whether access is being granted or denied [see col.2, lines 38-45] and the 
security descriptor that provides details of the security and access control applicable to 
the object [see col.8, lines 12-25] 

As per claim 31: see Krishnaswamy on col.6, lines 6-8; discussing the subject identifier 
is a Universal Unique Identifier (UUID). 

As per claim 32: see Krishnaswamy on col.9, lines 15-19; discussing the user 
information is organization information indicating whether the user is a member of an 
organization. 

As per claim 33: see Krishnaswamy on col.6, lines 6-8 and col.9, lines 15-19; 
discussing the resource manager resolves the globally unique identifier by using a 
name server. 

Response to Arguments 

As per claims 1-26 and 38-42, is rejected in view of Krishnaswamy. 

As per claims 27-33, is rejected over Krishnaswamy and in further view of Garg. 

As per claims 34-37 remains rejected in view of Garg. 
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The examiner traverses the argument (on pg7) that Garg fails to teach or 
suggest the provision of a "globally unique identifier" for a "user". 

Claim 34 recites a method of accessing a protected object, comprising: 

sending a globally unique Identifier for a user to a name resolving device, and 
receiving therefrom information about the user; and 

sending to a storage management system containing an object a request for 
access to the object the request including the information about the user. 

Claim 36 recites a computer-readable medium of computer-executable code for 
accessing a protected object, comprising: 

a first set of computer instructions for sending a globally unique identifier for a 
user to a name resolving device, and receiving therefrom information about the user; 
and 

a second set of computer instructions for sending to a storage management 
system containing an object a request 

for access to the object, the request including the information about the user. 

Claims 34-37 broadly claims a globally unique identifier for a user and did not include an 
identifier that is unique within and outside of the remote resource or the storage system. 
In addition, the claimed globally unique identifier is relative and fails to recite how 
globally unique the identifier for a user can be. Hence, the examiner is required to 
broadly and reasonably interpret applicant's globally unique identifier for a user is an 
identifier that is unique to the system meaning no two users will have the same identifier 
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in the system, therefore is the identifier is globally unique for a user, Garg teaches the 
claimed globally unique identifier for a user is in the form of USERID that uniquely 
identifies a user to the system (col .2, lines 20-22). 

Examiner further traverses the argument (on pg.7) that Krishnaswamy is silent 
regarding any particular unique user identification. Krishnaswamy discloses unique 
user identification in the form of GUID that is assigned to objects and identifies the 
object (coL8, lines 50-52). The GUID is a unique identifier differentiating one object 
from all other objects on all other computers on the network (col.6, lines 5-8). 
Krishnaswamy discloses the object relates to both employee information and capital 
assets of a company (col. 9, lines 15-17 and 29-36). Therefore, Krishnaswamy teaches 
unique user information is the GUID. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to LEYNNA T. HA whose telephone number is (571) 272- 
3851 . The examiner can normally be reached on Monday - Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supen/isor, Kim Vu can be reached on (571 ) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application nnay be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
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